US 7471789 B2 Abstract An addition and subtraction circuit performs addition and subtraction using a carry-in signal from another operation circuit, and outputs a carry-out signal generated through addition and subtraction to another operation circuit. A right-shift circuit performs right-shift using a shift-in signal from another operation circuit, and outputs a shift-out signal generated through right-shift to another operation circuit. Therefore, even if a data length of operation data is extended, a propagation path for a carry can be shortened, and an operation clock frequency of an encryption circuit can be increased.
Claims(6) 1. An encryption circuit, comprising:
a plurality of operation circuits which are connected; and
a control circuit dividing data to plural parts for providing to each of said plurality of operation circuits and controlling said plurality of operation circuits to provide encryption or decryption control; wherein
each of said plurality of operation circuits includes
a first register holding corresponding part of data as operation data,
an addition and subtraction circuit performing addition and subtraction with respect to the operation data held in said first register,
a right-shift circuit performing right-shift with respect to an operation result by said addition and subtraction circuit, and
a second register holding an operation result by said right-shift circuit,
wherein said addition and subtraction circuit in a first operation circuit performs addition and subtraction using a carry-in signal supplied from a second operation circuit, and outputs a carry-out signal as said carry-in signal of a third operation circuit,
wherein a right-shift circuit in said first operation circuit performs right-shift using a right shift-in signal supplied from said third operation circuit, and outputs a right shift-out signal as said right shift-in signal of said second operation circuit, and
wherein said first operation circuit receives said carry-out signal from said second operation circuit before starting a calculation thereof, receives said shift-in signal from said third operation circuit during performing the calculation thereof, supplies said carry-out signal to said third operation circuit before starting the calculation of the third operation circuit, and supplies said shift-out signal to said second operation circuit during performing the calculation of the second operation circuit.
2. The encryption circuit according to
said addition and subtraction circuit in said first operation circuit determines the operation data at a first clock, and
said addition and subtraction circuit in said third operation circuit determines the operation data with said carry-in signal supplied from said first operation circuit at a second clock delayed by one dock from said first clock.
3. The encryption circuit according to
said addition and subtraction circuit in said first operation circuit determines the operation data at the first clock, and
in the second register in said first operation circuit, a bit except for a most significant bit is written at the second clock delayed by one clock from said first clock, and the most significant bit is written at a third clock delayed by half clock from said second clock.
4. The encryption circuit according to
said plurality of operation circuits are connected such that said carry-in signal and said shift-in signal form a loop.
5. The encryption circuit according to
respective one of said plurality of operation circuits further includes a left-shift circuit performing left-shift with respect to the operation result held in said second register, and
said left-shift circuit in said first operation circuit performs left-shift using a left shift-in signal supplied from said second operation circuit, and outputs a left shift-out signal as said left shift-in signal of said third operation circuit.
6. The encryption circuit according to
said first operation circuit further includes a selector selectively outputting one of said left shift-in signal from said second operation circuit and said left shift-out signal from the left-shift circuit in said first operation circuit to the addition and subtraction circuit in said first operation circuit.
Description 1. Field of the Invention The present invention relates to a technique for encrypting and decrypting information to be used, and more particularly to an encryption circuit encrypting and decrypting data with an operation such as power remainder operation, Montgomery operation, addition and subtraction, or the like. 2. Description of the Background Art As an information technology develops, an emphasis has been placed on ensuring security on a information network (prevention of theft or destruction of data). Accordingly, techniques for encrypting and decrypting information have been adopted in many cases. The technique is applied not only to a field of information and communication technology, but also to more familiar fields such as transportation, finance, medical care, distribution, and the like. With respect to the technique for encryption and decryption of this type, it is demanded that security of high level can be implemented with a simple principle. Examples related to such techniques are disclosed in Japanese Patent Laying-Open No. 5-324277 and Japanese Patent Laying-Open No. 2002-229445. A method for encrypted communication disclosed in Japanese Patent Laying-Open No. 5-324277 implements a remainder operation Q=A·BmodN and a power remainder operation C=M In addition, a power remainder operation circuit disclosed in Japanese Patent Laying-Open No. 2002-229445 includes an e register holding a key e, a Y register holding a multiplier Y for Montgomery conversion, an N register holding a key N, a B Security of most cryptosystems in present days is based on difficulty in finding a private key through calculation, considering time required therefor. For example, when encryption with RSA (Rivest-Shamir-Adleman scheme) is used, security is based on difficulty in prime factorization of an integer N in a short period of time, which is a product of two prime numbers (N=p×q; p and q are prime numbers). Conversely, this means that, in order to ensure security of the RSA scheme, digits of selected prime numbers p and q must be increased, as performance of a calculator such as a computer is enhanced in the future. Consider an example in which an encryption circuit having a large bit length is configured according to the inventions disclosed in Japanese Patent Laying-Open No. 5-324277 and Japanese Patent Laying-Open No. 2002-229445 described above. The simplest method is to modify the encryption circuit by increasing registers, however, this is not desirable. This is because the time for operation and the size of the encryption circuit will be increased in accordance with the increase of the registers. In addition, if the bit length which an addition and subtraction circuit can handle at a time is extended, for example, from 128 bits to 256 bits, a propagation path for a carry in addition and subtraction will be extended, leading to difficulty in raising an operation frequency. An object of the present invention is to provide an encryption circuit of which operation clock frequency can be raised and of which operation speed can be improved. According to one aspect of the present invention, an encryption circuit includes a plurality of operation circuits which are connected, and a control circuit controlling the plurality of operation circuits to provide encryption or decryption control. Each of the plurality of operation circuits includes a first register holding operation data, an addition and subtraction circuit performing addition and subtraction with respect to the operation data held in the first register, a right-shift circuit performing right-shift with respect to an operation result by the addition and subtraction circuit, and a second register holding an operation result by the right-shift circuit. An addition and subtraction circuit in a first operation circuit performs addition and subtraction using a carry-in signal from a second operation circuit, and outputs a carry-out signal generated through addition and subtraction to a third operation circuit. A right-shift circuit in the first operation circuit performs right-shift using a shift-in signal from the third operation circuit, and outputs a shift-out signal generated through right-shift to the second operation circuit. The addition and subtraction circuit in the first operation circuit performs addition and subtraction using the carry-in signal from the second operation circuit, and outputs the carry-out signal generated through addition and subtraction to the third operation circuit. Therefore, even if a data length of the operation data is extended, the propagation path for the carry can be shortened, and the operation clock frequency of the encryption circuit can be improved. The foregoing and other objects, features, aspects and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings. Initially, an encryption circuit disclosed in Japanese Patent Laying-Open No. 2002-229445 or the like, which was filed by the present applicant, will briefly be described. Operation processings such as power remainder operation, Montgomery operation, RSA encryption and the like are implemented mainly by repetition of addition, subtraction, multiplication, and division. Therefore, when control circuit Control circuit Addition and subtraction circuit Right-shift circuit Left-shift circuit Control circuit The operation of the data in operation circuits In addition, bits As described above, according to the encryption circuit in the present embodiment, the operation data is divided into a plurality of bits. Then, a plurality of operation circuits are caused to operate respective operation data, and only the carry-out and the shift-out are output to the higher-order operation circuit or the lower-order operation circuit. Thus, the size of the operation circuit can be reduced, a propagation path for the carry can be shortened, and the operation clock frequency can be raised. In addition, compared to the operation circuit processing the operation data of 128 bits, four times the amount of the operation data can be processed with the same number of clocks. Thus, the operation speed can be improved. Control circuit For example, when the operation data of 1024 bits is stored in the e registers, control circuit In addition, control circuit In performing the operation processing, the operation data is set in addition and subtraction circuit As described above, according to the encryption circuit in the present embodiment, two registers are provided respectively in each group of registers, and the carry-out signal and the shift-out signal are caused to form a loop through the operation circuits. Therefore, in addition to an effect shown in the first embodiment, a bit length of the operation data can readily be increased. An encryption circuit in the third embodiment of the present invention is different from that in the second embodiment shown in For details of the operation algorithm using B As described above, according to the encryption circuit in the present embodiment, the fixed data to be used repetitively during operation is calculated in advance, and stored in B An encryption circuit in the fourth embodiment of the present invention is different from that in the second embodiment shown in As a register temporarily storing the operation result, Q In addition, when multiplication of 1024 bits×1024 bits is performed, a register holding a multiplication result of 2048 bits is necessary. Here, the multiplication result can be held by using P As described above, according to the encryption circuit in the present embodiment, Q An encryption circuit in the fifth embodiment of the present invention is different from that in the second embodiment shown in In order to perform an operation with respect to operation data of 2048 bits, four groups of registers of the total of 2048 bits should be provided. In such a case, the operation data goes through four operation circuits In addition, if the control circuit is configured so as to be able to utilize K register used as an XX register, in a manner similar to other registers, an operation modulo a composite number obtained by Chinese remainder theorem can be implemented by performing addition, subtraction, and multiplication. Further, by adding a processing reading a sign of the operation result of addition and subtraction, multiplication, and division, operation with an extended Euclidean algorithm can be achieved. Thus, calculation of the inverse element required for generation of a private key or Chinese remainder theorem will be possible. As described above, according to the encryption circuit in the present embodiment, registers are re-defined to allow the processing of the operation data having a large bit length. Therefore, in addition to the effect shown in the first embodiment, the number of registers necessary for the operation can be reduced, and the circuit size can be made smaller. An encryption circuit in the sixth embodiment of the present invention is different from that in the second embodiment shown in Selector In such a circuit configuration, since it takes time for the right-shift-in signal to be input to addition and subtraction circuit In the first embodiment, as shown in As described above, according to the encryption circuit in the present embodiment, selector Although the present invention has been described and illustrated in detail, it is clearly understood that the same is by way of illustration and example only and is not to be taken by way of limitation, the spirit and scope of the present invention being limited only by the terms of the appended claims. Patent Citations
Non-Patent Citations
Classifications
Legal Events
Rotate |